<?php

class LoginControl extends Control {

    public function login_out() {
        session_unset();
        session_destroy();
        $this->success('退出成功！', $_SERVER['HTTP_REFERER']);
    }

    public function ajax_login() {
        //AJAX登陆验证
        if (IS_AJAX) {
            $account = adds_html($_POST['account']);
            //如果是ajax验证，才执行下面方法，防止用户直接在地址栏访问此方法
            $data = M('user')->query('select * from hd_user where username="' . $account . '"');
            //把前台ajax提交的用户信息提取出来
            if (empty($data)) {
                //如果为空，则无此用户信息，用户不存在！
                echo 0;
                die;
            } else {
                if ($data[0]['passwd'] != md5($_POST['pwd'])) {
                    echo 1;
                    die;
                }
                $arr = array(
                    'id' => 2,
                    'username' => $account,
                    'uid'=> (int) $data[0]['uid']
                );
                echo json_encode($arr);
                //session设置
                $_SESSION['username'] = $account;
                $_SESSION['uid'] = (int) $data[0]['uid'];
                if (array_key_exists('auto', $_POST) && $_POST['auto'] == 'on') {
                    //自动登陆设置
                    setcookie(session_name(), session_id(), time() + 3600 * 24 * 7, '/Index');
                }
            }
        }
    }

}
